package iask.xiao.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.alibaba.fastjson.JSONObject;

import iask.xiao.model.SysUser;
import iask.xiao.service.SysUserService;



@Controller
@RequestMapping("/login")
public class LoginController {

	@Autowired
	private SysUserService userService;
	
	@RequestMapping("")
	public String Login(){
		//SysUser user = userService.getSysUserByName("admin");
		
		//System.out.println(JSONObject.toJSONString(user));
		return "login";
	}
	
	@RequestMapping("/signin")
	@ResponseBody
	public String SignIn(String username, String password, boolean rememberMe, String kaptcha){
/*		  if (config.getEnableKaptcha()) {
	            if (StringUtils.isEmpty(kaptcha) || !kaptcha.equals(SessionUtil.getKaptcha())) {
	                return ResultUtil.error("验证码错误！");
	            }
	            SessionUtil.removeKaptcha();
	        }*/
	        UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe);
	        //获取当前的Subject
	        System.out.println("name:"+username + "  password:"+password);
	        Subject currentUser = SecurityUtils.getSubject();
	        try {
	            // 在调用了login方法后,SecurityManager会收到AuthenticationToken,并将其发送给已配置的Realm执行必须的认证检查
	            // 每个Realm都能在必要时对提交的AuthenticationTokens作出反应
	            // 所以这一步在调用login(token)方法时,它会走到xxRealm.doGetAuthenticationInfo()方法中,具体验证方式详见此方法
	            currentUser.login(token);
	            return "登录成功！";
	        } catch (Exception e) {
	            //log.error("登录失败，用户名[{}]", username, e);
	            token.clear();
	            return e.getMessage().toString();
	        }
		
	}
}
